AT&T 2.0.19 Code drop, stage 5
[aaf/authz.git] / authz-service / src / main / java / org / onap / aaf / authz / facade / AuthzFacadeImpl.java
diff --git a/authz-service/src/main/java/org/onap/aaf/authz/facade/AuthzFacadeImpl.java b/authz-service/src/main/java/org/onap/aaf/authz/facade/AuthzFacadeImpl.java
deleted file mode 100644 (file)
index d35a95a..0000000
+++ /dev/null
@@ -1,2565 +0,0 @@
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- *  *      http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- *  * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.authz.facade;\r
-\r
-import static org.onap.aaf.authz.layer.Result.ERR_ActionNotCompleted;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Backend;\r
-import static org.onap.aaf.authz.layer.Result.ERR_BadData;\r
-import static org.onap.aaf.authz.layer.Result.ERR_ConflictAlreadyExists;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Denied;\r
-import static org.onap.aaf.authz.layer.Result.ERR_NotFound;\r
-import static org.onap.aaf.authz.layer.Result.ERR_NotImplemented;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Policy;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Security;\r
-import static org.onap.aaf.authz.layer.Result.OK;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_ChoiceNeeded;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_DelegateNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_DependencyExists;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_FutureNotRequested;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_InvalidDelegate;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_NsNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_PermissionNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_RoleNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserRoleNotFound;\r
-\r
-import java.io.IOException;\r
-import java.lang.reflect.Method;\r
-import java.util.Date;\r
-\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.servlet.http.HttpServletResponse;\r
-\r
-import org.onap.aaf.authz.env.AuthzEnv;\r
-import org.onap.aaf.authz.env.AuthzTrans;\r
-import org.onap.aaf.authz.layer.FacadeImpl;\r
-import org.onap.aaf.authz.layer.Result;\r
-import org.onap.aaf.authz.service.AuthzCassServiceImpl;\r
-import org.onap.aaf.authz.service.AuthzService;\r
-import org.onap.aaf.authz.service.mapper.Mapper;\r
-import org.onap.aaf.authz.service.mapper.Mapper.API;\r
-import org.onap.aaf.cssa.rserv.RServlet;\r
-import org.onap.aaf.cssa.rserv.RouteReport;\r
-import org.onap.aaf.cssa.rserv.doc.ApiDoc;\r
-import org.onap.aaf.dao.aaf.cass.NsType;\r
-import org.onap.aaf.dao.aaf.cass.Status;\r
-import org.onap.aaf.dao.aaf.hl.Question;\r
-\r
-import org.onap.aaf.cadi.aaf.client.Examples;\r
-import org.onap.aaf.inno.env.APIException;\r
-import org.onap.aaf.inno.env.Data;\r
-import org.onap.aaf.inno.env.Data.TYPE;\r
-import org.onap.aaf.inno.env.Env;\r
-import org.onap.aaf.inno.env.TimeTaken;\r
-import org.onap.aaf.inno.env.util.Chrono;\r
-import org.onap.aaf.rosetta.Marshal;\r
-import org.onap.aaf.rosetta.env.RosettaDF;\r
-import org.onap.aaf.rosetta.env.RosettaData;\r
-\r
-import aaf.v2_0.Api;\r
-\r
-/**\r
- * AuthzFacade\r
- * \r
- * This Service Facade encapsulates the essence of the API Service can do, and provides\r
- * a single created object for elements such as RosettaDF.\r
- *\r
- * The Responsibilities of this class are to:\r
- * 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)\r
- * 2) Validate incoming data (if applicable)\r
- * 3) Convert the Service response into the right Format, and mark the Content Type\r
- *             a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.\r
- * 4) Log Service info, warnings and exceptions as necessary\r
- * 5) When asked by the API layer, this will create and write Error content to the OutputStream\r
- * \r
- * Note: This Class does NOT set the HTTP Status Code.  That is up to the API layer, so that it can be \r
- * clearly coordinated with the API Documentation\r
- * \r
- *\r
- */\r
-public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> extends FacadeImpl implements AuthzFacade \r
-       {\r
-       private static final String FORBIDDEN = "Forbidden";\r
-       private static final String NOT_FOUND = "Not Found";\r
-       private static final String NOT_ACCEPTABLE = "Not Acceptable";\r
-       private static final String GENERAL_SERVICE_ERROR = "General Service Error";\r
-       private static final String NO_DATA = "***No Data***";\r
-       private AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service = null;\r
-       private final RosettaDF<NSS> nssDF;\r
-       private final RosettaDF<PERMS> permsDF;\r
-       private final RosettaDF<ROLES> roleDF;\r
-       private final RosettaDF<USERS> usersDF;\r
-       private final RosettaDF<USERROLES> userrolesDF;\r
-       private final RosettaDF<CERTS> certsDF;\r
-       private final RosettaDF<DELGS> delgDF;\r
-       private final RosettaDF<REQUEST> permRequestDF;\r
-       private final RosettaDF<REQUEST> roleRequestDF;\r
-       private final RosettaDF<REQUEST> userRoleRequestDF;\r
-       private final RosettaDF<REQUEST> rolePermRequestDF;\r
-       private final RosettaDF<REQUEST> nsRequestDF;\r
-       private final RosettaDF<REQUEST> credRequestDF;\r
-       private final RosettaDF<REQUEST> delgRequestDF;\r
-       private final RosettaDF<HISTORY> historyDF;\r
-       private final RosettaDF<KEYS>    keysDF;\r
-\r
-       private final RosettaDF<ERR>            errDF;\r
-       private final RosettaDF<APPROVALS>  approvalDF;\r
-       // Note: Api is not different per Version\r
-       private final RosettaDF<Api>            apiDF;\r
-\r
-\r
-       @SuppressWarnings("unchecked")\r
-       public AuthzFacadeImpl(AuthzEnv env, AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service, Data.TYPE dataType) throws APIException {\r
-               this.service = service;\r
-               (nssDF                          = env.newDataFactory(service.mapper().getClass(API.NSS))).in(dataType).out(dataType);\r
-               (permRequestDF          = env.newDataFactory(service.mapper().getClass(API.PERM_REQ))).in(dataType).out(dataType);\r
-               (permsDF                        = env.newDataFactory(service.mapper().getClass(API.PERMS))).in(dataType).out(dataType);\r
-//             (permKeyDF                      = env.newDataFactory(service.mapper().getClass(API.PERM_KEY))).in(dataType).out(dataType);\r
-               (roleDF                         = env.newDataFactory(service.mapper().getClass(API.ROLES))).in(dataType).out(dataType);\r
-               (roleRequestDF          = env.newDataFactory(service.mapper().getClass(API.ROLE_REQ))).in(dataType).out(dataType);\r
-               (usersDF                        = env.newDataFactory(service.mapper().getClass(API.USERS))).in(dataType).out(dataType);\r
-               (userrolesDF                    = env.newDataFactory(service.mapper().getClass(API.USER_ROLES))).in(dataType).out(dataType);\r
-               (certsDF                        = env.newDataFactory(service.mapper().getClass(API.CERTS))).in(dataType).out(dataType)\r
-                       .rootMarshal((Marshal<CERTS>) service.mapper().getMarshal(API.CERTS));\r
-               ;\r
-               (userRoleRequestDF      = env.newDataFactory(service.mapper().getClass(API.USER_ROLE_REQ))).in(dataType).out(dataType);\r
-               (rolePermRequestDF      = env.newDataFactory(service.mapper().getClass(API.ROLE_PERM_REQ))).in(dataType).out(dataType);\r
-               (nsRequestDF            = env.newDataFactory(service.mapper().getClass(API.NS_REQ))).in(dataType).out(dataType);\r
-               (credRequestDF          = env.newDataFactory(service.mapper().getClass(API.CRED_REQ))).in(dataType).out(dataType);\r
-               (delgRequestDF          = env.newDataFactory(service.mapper().getClass(API.DELG_REQ))).in(dataType).out(dataType);\r
-               (historyDF                      = env.newDataFactory(service.mapper().getClass(API.HISTORY))).in(dataType).out(dataType);\r
-               ( keysDF                        = env.newDataFactory(service.mapper().getClass(API.KEYS))).in(dataType).out(dataType);\r
-               (delgDF                         = env.newDataFactory(service.mapper().getClass(API.DELGS))).in(dataType).out(dataType);\r
-               (approvalDF             = env.newDataFactory(service.mapper().getClass(API.APPROVALS))).in(dataType).out(dataType);\r
-               (errDF                          = env.newDataFactory(service.mapper().getClass(API.ERROR))).in(dataType).out(dataType);\r
-               (apiDF                          = env.newDataFactory(Api.class)).in(dataType).out(dataType);\r
-       }\r
-       \r
-       public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {\r
-               return service.mapper();\r
-       }\r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#error(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, int)\r
-        * \r
-        * Note: Conforms to AT&T TSS RESTful Error Structure\r
-        */\r
-       @Override\r
-       public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {\r
-               String msg = result.details==null?"%s":"%s - " + result.details.trim();\r
-               String msgId;\r
-               String[] detail;\r
-               if(result.variables==null) {\r
-                       detail = new String[1];\r
-               } else {\r
-                       int l = result.variables.length;\r
-                       detail=new String[l+1];\r
-                       System.arraycopy(result.variables, 0, detail, 1, l);\r
-               }\r
-               //int httpstatus;\r
-               \r
-               switch(result.status) {\r
-                       case ERR_ActionNotCompleted:\r
-                               msgId = "SVC1202";\r
-                               detail[0] = "Accepted, Action not complete";\r
-                               response.setStatus(/*httpstatus=*/202);\r
-                               break;\r
-\r
-                       case ERR_Policy:\r
-                               msgId = "SVC3403";\r
-                               detail[0] = FORBIDDEN;\r
-                               response.setStatus(/*httpstatus=*/403);\r
-                               break;\r
-                       case ERR_Security:\r
-                               msgId = "SVC2403";\r
-                               detail[0] = FORBIDDEN;\r
-                               response.setStatus(/*httpstatus=*/403);\r
-                               break;\r
-                       case ERR_Denied:\r
-                               msgId = "SVC1403";\r
-                               detail[0] = FORBIDDEN;\r
-                               response.setStatus(/*httpstatus=*/403);\r
-                               break;\r
-                       // This is still forbidden to directly impact, but can be Requested when passed\r
-                       // with "request=true" query Param\r
-                       case ERR_FutureNotRequested:\r
-                               msgId = "SVC2403";\r
-                               detail[0] = msg;\r
-                               response.setStatus(/*httpstatus=*/403);\r
-                               break;\r
-                               \r
-                       case ERR_NsNotFound:\r
-                               msgId = "SVC2404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_RoleNotFound:\r
-                               msgId = "SVC3404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_PermissionNotFound:\r
-                               msgId = "SVC4404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_UserNotFound:\r
-                               msgId = "SVC5404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_UserRoleNotFound:\r
-                               msgId = "SVC6404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_DelegateNotFound:\r
-                               msgId = "SVC7404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-                       case ERR_NotFound:\r
-                               msgId = "SVC1404";\r
-                               detail[0] = NOT_FOUND;\r
-                               response.setStatus(/*httpstatus=*/404);\r
-                               break;\r
-\r
-                       case ERR_InvalidDelegate:\r
-                               msgId="SVC2406";\r
-                               detail[0] = NOT_ACCEPTABLE;\r
-                               response.setStatus(/*httpstatus=*/406);\r
-                               break;\r
-                       case ERR_BadData:\r
-                               msgId="SVC1406";\r
-                               detail[0] = NOT_ACCEPTABLE;\r
-                               response.setStatus(/*httpstatus=*/406);\r
-                               break;\r
-                               \r
-                       case ERR_ConflictAlreadyExists:\r
-                               msgId = "SVC1409";\r
-                               detail[0] = "Conflict Already Exists";\r
-                               response.setStatus(/*httpstatus=*/409);\r
-                               break;\r
-                       \r
-                       case ERR_DependencyExists:\r
-                               msgId = "SVC1424";\r
-                               detail[0] = "Failed Dependency";\r
-                               response.setStatus(/*httpstatus=*/424);\r
-                               break;\r
-                       \r
-                       case ERR_NotImplemented:\r
-                               msgId = "SVC1501";\r
-                               detail[0] = "Not Implemented"; \r
-                               response.setStatus(/*httpstatus=*/501);\r
-                               break;\r
-                               \r
-                       case Status.ACC_Future:\r
-                               msgId = "SVC1202";\r
-                               detail[0] = "Accepted for Future, pending Approvals";\r
-                               response.setStatus(/*httpstatus=*/202);\r
-                               break;\r
-                       case ERR_ChoiceNeeded:\r
-                               msgId = "SVC1300";\r
-                               detail = result.variables;\r
-                               response.setStatus(/*httpstatus=*/300);\r
-                               break;\r
-                       case ERR_Backend: \r
-                               msgId = "SVC2500";\r
-                               detail[0] = GENERAL_SERVICE_ERROR;\r
-                               response.setStatus(/*httpstatus=*/500);\r
-                               break;\r
-\r
-                       default: \r
-                               msgId = "SVC1500";\r
-                               detail[0] = GENERAL_SERVICE_ERROR;\r
-                               response.setStatus(/*httpstatus=*/500);\r
-                               break;\r
-               }\r
-\r
-               try {\r
-                       StringBuilder holder = new StringBuilder();\r
-                       errDF.newData(trans).load(\r
-                               service.mapper()\r
-                                       .errorFromMessage(holder,msgId,msg,detail))\r
-                                               .to(response.getOutputStream());\r
-                       trans.checkpoint(\r
-                                       holder.toString(),\r
-//                                     String.format("ErrResp [" +     msgId + "] " + msg,(Object[])detail),\r
-                                       Env.ALWAYS);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,"unable to send response for",msg);\r
-               }\r
-       }\r
-       \r
-       ///////////////////////////\r
-       // Namespace\r
-       ///////////////////////////\r
-       public static final String CREATE_NS = "createNamespace";\r
-       public static final String ADD_NS_ADMIN = "addNamespaceAdmin";\r
-       public static final String DELETE_NS_ADMIN = "delNamespaceAdmin";\r
-       public static final String ADD_NS_RESPONSIBLE = "addNamespaceResponsible";\r
-       public static final String DELETE_NS_RESPONSIBLE = "delNamespaceResponsible";\r
-       public static final String GET_NS_BY_NAME = "getNamespaceByName";\r
-       public static final String GET_NS_BY_ADMIN = "getNamespaceByAdmin";\r
-       public static final String GET_NS_BY_RESPONSIBLE = "getNamespaceByResponsible";\r
-       public static final String GET_NS_BY_EITHER = "getNamespaceByEither";\r
-       public static final String GET_NS_CHILDREN = "getNamespaceChildren";\r
-       public static final String UPDATE_NS_DESC = "updateNamespaceDescription";\r
-       public static final String DELETE_NS = "deleteNamespace";\r
-       \r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#createNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
-        */\r
-       @Override\r
-       public Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type) {\r
-               TimeTaken tt = trans.start(CREATE_NS, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST request;\r
-                       try {\r
-                               Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,rd.asString());\r
-                               }\r
-                               request = rd.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,CREATE_NS);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.createNS(trans,request,type);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CREATE_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
-               TimeTaken tt = trans.start(ADD_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.addAdminNS(trans,ns,id);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       //TODO Perms??\r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,ADD_NS_ADMIN);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
-               TimeTaken tt = trans.start(DELETE_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.delAdminNS(trans, ns, id);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_NS_ADMIN);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
-               TimeTaken tt = trans.start(ADD_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.addResponsibleNS(trans,ns,id);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,ADD_NS_RESPONSIBLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
-               TimeTaken tt = trans.start(DELETE_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.delResponsibleNS(trans, ns, id);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_NS_RESPONSIBLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
-               TimeTaken tt = trans.start(GET_NS_BY_NAME + ' ' + ns, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<NSS> rp = service.getNSbyName(trans, ns);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,nssDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_NS_BY_NAME);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-//     TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByAdmin(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
-               TimeTaken tt = trans.start(GET_NS_BY_ADMIN + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<NSS> rp = service.getNSbyAdmin(trans, user, full);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,nssDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_NS_BY_ADMIN);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-//     TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
-               TimeTaken tt = trans.start(GET_NS_BY_RESPONSIBLE + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<NSS> rp = service.getNSbyResponsible(trans, user, full);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-\r
-                                       setContentType(resp,nssDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_NS_BY_RESPONSIBLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
-               TimeTaken tt = trans.start(GET_NS_BY_EITHER + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<NSS> rp = service.getNSbyEither(trans, user, full);\r
-                       \r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-\r
-                                       setContentType(resp,nssDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_NS_BY_EITHER);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String parent){\r
-               TimeTaken tt = trans.start(GET_NS_CHILDREN + ' ' + parent, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<NSS> rp = service.getNSsChildren(trans, parent);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,nssDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_NS_CHILDREN);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(UPDATE_NS_DESC, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,UPDATE_NS_DESC);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.updateNsDescription(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_NS_DESC);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       /*\r
-        * (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#requestNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
-        */\r
-       @Override\r
-       public Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns) {\r
-               TimeTaken tt = trans.start(DELETE_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.deleteNS(trans,ns);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,nsRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       private final static String NS_CREATE_ATTRIB = "nsCreateAttrib";\r
-       private final static String NS_UPDATE_ATTRIB = "nsUpdateAttrib";\r
-       private final static String READ_NS_BY_ATTRIB = "readNsByAttrib";\r
-       private final static String NS_DELETE_ATTRIB = "nsDeleteAttrib";\r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#createAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
-               TimeTaken tt = trans.start(NS_CREATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<?> rp = service.createNsAttrib(trans,ns,key,value);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp, keysDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,NS_CREATE_ATTRIB);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#readAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key) {\r
-               TimeTaken tt = trans.start(READ_NS_BY_ATTRIB + ' ' + key, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<KEYS> rp = service.readNsByAttrib(trans, key);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,keysDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,READ_NS_BY_ATTRIB);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#updAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
-               TimeTaken tt = trans.start(NS_UPDATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<?> rp = service.updateNsAttrib(trans,ns,key,value);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp, keysDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,NS_UPDATE_ATTRIB);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#delAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key) {\r
-               TimeTaken tt = trans.start(NS_DELETE_ATTRIB + ' ' + ns + ':'+key, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<?> rp = service.deleteNsAttrib(trans,ns,key);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp, keysDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,NS_DELETE_ATTRIB);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-//\r
-// PERMISSION\r
-//\r
-       public static final String CREATE_PERMISSION = "createPermission";\r
-       public static final String GET_PERMS_BY_TYPE = "getPermsByType";\r
-       public static final String GET_PERMS_BY_NAME = "getPermsByName";\r
-       public static final String GET_PERMISSIONS_BY_USER = "getPermissionsByUser";\r
-       public static final String GET_PERMISSIONS_BY_USER_WITH_QUERY = "getPermissionsByUserWithQuery";\r
-       public static final String GET_PERMISSIONS_BY_ROLE = "getPermissionsByRole";\r
-       public static final String GET_PERMISSIONS_BY_NS = "getPermissionsByNS";\r
-       public static final String UPDATE_PERMISSION = "updatePermission";\r
-       public static final String UPDATE_PERM_DESC = "updatePermissionDescription";\r
-       public static final String SET_PERMISSION_ROLES_TO = "setPermissionRolesTo";\r
-       public static final String DELETE_PERMISSION = "deletePermission";\r
-       \r
-       /*\r
-        * (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start( CREATE_PERMISSION, Env.SUB|Env.ALWAYS);     \r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();                 \r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.createPerm(trans,rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CREATE_PERMISSION);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getChildPerms(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String perm) {\r
-               TimeTaken tt = trans.start(GET_PERMS_BY_TYPE + ' ' + perm, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       \r
-                       Result<PERMS> rp = service.getPermsByType(trans, perm);\r
-                       switch(rp.status) {\r
-                               case OK:\r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp, \r
-                       String type, String instance, String action) {\r
-               \r
-               TimeTaken tt = trans.start(GET_PERMS_BY_NAME + ' ' + type\r
-                               + '|' + instance + '|' + action, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       \r
-                       Result<PERMS> rp = service.getPermsByName(trans, type, instance, action);\r
-                       switch(rp.status) {\r
-                               case OK:\r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse resp,  String user) {\r
-               TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<PERMS> rp = service.getPermsByUser(trans, user);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMISSIONS_BY_USER, user);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String user) {\r
-               TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_WITH_QUERY + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       PERMS perms;\r
-                       try {\r
-                               RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               perms = data.asObject();                        \r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-\r
-                       Result<PERMS> rp = service.getPermsByUser(trans, perms, user);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_WITH_QUERY , user);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionsForRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse resp, String roleName) {\r
-               TimeTaken tt = trans.start(GET_PERMISSIONS_BY_ROLE + ' ' + roleName, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<PERMS> rp = service.getPermsByRole(trans, roleName);\r
-                       switch(rp.status) {\r
-                               case OK:\r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMISSIONS_BY_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getPermsByNS(AuthzTrans trans,HttpServletResponse resp,String ns) {\r
-               TimeTaken tt = trans.start(GET_PERMISSIONS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<PERMS> rp = service.getPermsByNS(trans, ns);\r
-                       switch(rp.status) {\r
-                               case OK:\r
-                                       RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_PERMISSIONS_BY_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /*\r
-        * (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,\r
-                       String origType, String origInstance, String origAction) {\r
-               String cmdDescription = UPDATE_PERMISSION;\r
-               TimeTaken tt = trans.start( cmdDescription      + ' ' + origType + ' ' + origInstance + ' ' + origAction, Env.SUB|Env.ALWAYS);  \r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();                 \r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,cmdDescription);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.renamePerm(trans,rreq, origType, origInstance, origAction);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,cmdDescription);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(UPDATE_PERM_DESC, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.updatePermDescription(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_PERM_DESC);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       \r
-       @Override\r
-       public Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(SET_PERMISSION_ROLES_TO, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.resetPermRoles(trans, rreq);\r
-                       \r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,SET_PERMISSION_ROLES_TO);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(DELETE_PERMISSION, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,DELETE_PERMISSION);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-\r
-                       Result<Void> rp = service.deletePerm(trans,rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_PERMISSION);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action) {\r
-               TimeTaken tt = trans.start(DELETE_PERMISSION + type + ' ' + instance + ' ' + action, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.deletePerm(trans,type,instance,action);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_PERMISSION);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       public static final String CREATE_ROLE = "createRole";\r
-       public static final String GET_ROLES_BY_USER = "getRolesByUser";\r
-       public static final String GET_ROLES_BY_NS = "getRolesByNS";\r
-       public static final String GET_ROLES_BY_NAME_ONLY = "getRolesByNameOnly";\r
-       public static final String GET_ROLES_BY_NAME = "getRolesByName";\r
-       public static final String GET_ROLES_BY_PERM = "getRolesByPerm";\r
-       public static final String UPDATE_ROLE_DESC = "updateRoleDescription"; \r
-       public static final String ADD_PERM_TO_ROLE = "addPermissionToRole";\r
-       public static final String DELETE_PERM_FROM_ROLE = "deletePermissionFromRole";\r
-       public static final String UPDATE_MGTPERM_ROLE = "updateMgtPermRole";\r
-       public static final String DELETE_ROLE = "deleteRole";\r
-       public static final String GET_CERT_BY_ID = "getCertByID";\r
-\r
-       @Override\r
-       public Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(CREATE_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.createRole(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,roleRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CREATE_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getRolesByName(AuthzTrans trans, HttpServletResponse resp, String role) {\r
-               TimeTaken tt = trans.start(GET_ROLES_BY_NAME + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<ROLES> rp = service.getRolesByName(trans, role);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,roleDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_ROLES_BY_NAME);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getRolesByUser(AuthzTrans trans,HttpServletResponse resp, String user) {\r
-               TimeTaken tt = trans.start(GET_ROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<ROLES> rp = service.getRolesByUser(trans, user);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,roleDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_ROLES_BY_USER, user);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getRolesByNS(AuthzTrans trans,HttpServletResponse resp, String ns) {\r
-               TimeTaken tt = trans.start(GET_ROLES_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<ROLES> rp = service.getRolesByNS(trans, ns);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       if(!rp.isEmpty()) {\r
-                                               RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
-                                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                                       Question.logEncryptTrace(trans,data.asString());\r
-                                               }\r
-                                               data.to(resp.getOutputStream());\r
-                                       } else {\r
-                                               Question.logEncryptTrace(trans, NO_DATA);\r
-                                       }\r
-                                       setContentType(resp,roleDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_ROLES_BY_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByNameOnly(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getRolesByNameOnly(AuthzTrans trans,HttpServletResponse resp, String nameOnly) {\r
-               TimeTaken tt = trans.start(GET_ROLES_BY_NAME_ONLY + ' ' + nameOnly, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       if(!rp.isEmpty()) {\r
-                                               RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
-                                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                                       Question.logEncryptTrace(trans,data.asString());\r
-                                               }\r
-                                               data.to(resp.getOutputStream());\r
-                                       } else {\r
-                                               Question.logEncryptTrace(trans, NO_DATA);\r
-                                       }\r
-                                       setContentType(resp,roleDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_ROLES_BY_NAME_ONLY);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getRolesByPerm(AuthzTrans trans,HttpServletResponse resp, String type, String instance, String action) {\r
-               TimeTaken tt = trans.start(GET_ROLES_BY_PERM + type +' '+instance+' '+action, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<ROLES> rp = service.getRolesByPerm(trans, type,instance,action);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,roleDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_ROLES_BY_PERM);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /*\r
-        * (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#updateDescription(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
-        */\r
-       @Override\r
-       public Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(UPDATE_ROLE_DESC, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.updateRoleDescription(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,roleRequestDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return rp;\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_ROLE_DESC);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> addPermToRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(ADD_PERM_TO_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.addPermToRole(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,ADD_PERM_TO_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
-                       }\r
-                       Result<Void> rp = service.delPermFromRole(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       resp.getOutputStream().println();\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
-               TimeTaken tt = trans.start(DELETE_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.deleteRole(trans, role);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(DELETE_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-\r
-                       Result<Void> rp = service.deleteRole(trans, rreq);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       public static final String CREATE_CRED = "createUserCred";\r
-       private static final String GET_CREDS_BY_NS = "getCredsByNS";\r
-       private static final String GET_CREDS_BY_ID = "getCredsByID";\r
-       public static final String UPDATE_CRED = "updateUserCred";\r
-       public static final String EXTEND_CRED = "extendUserCred";\r
-       public static final String DELETE_CRED = "deleteUserCred";\r
-       public static final String DOES_CRED_MATCH = "doesCredMatch";\r
-       public static final String VALIDATE_BASIC_AUTH = "validateBasicAuth";\r
-\r
-\r
-\r
-       @Override\r
-       /**\r
-        * Create Credential\r
-        * \r
-        */\r
-       public Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req) {\r
-               TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-                       return service.createUserCred(trans, data.asObject());\r
-               } catch(APIException e) {\r
-                       trans.error().log(e,"Bad Input data");\r
-                       return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CREATE_CRED);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req) {\r
-               TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.changeUserCred(trans, data.asObject());\r
-               } catch(APIException e) {\r
-                       trans.error().log(e,"Bad Input data");\r
-                       return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_CRED);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserCred(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, int)\r
-        */\r
-       @Override\r
-       public Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days) {\r
-               TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.extendUserCred(trans, data.asObject(), days);\r
-               } catch(APIException e) {\r
-                       trans.error().log(e,"Bad Input data");\r
-                       return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,EXTEND_CRED);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
-               TimeTaken tt = trans.start(GET_CREDS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
-               \r
-               try {\r
-                       Result<USERS> ru = service.getCredsByNS(trans,ns);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans,trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_CREDS_BY_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-               \r
-       }\r
-       \r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getCredsByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id) {\r
-               TimeTaken tt = trans.start(GET_CREDS_BY_ID + ' ' + id, Env.SUB|Env.ALWAYS);\r
-               \r
-               try {\r
-                       Result<USERS> ru = service.getCredsByID(trans,id);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_CREDS_BY_ID);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-               \r
-       }\r
-\r
-       @Override\r
-       public Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req) {\r
-               TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.deleteUserCred(trans, data.asObject());\r
-               } catch(APIException e) {\r
-                       trans.error().log(e,"Bad Input data");\r
-                       return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_CRED);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }       \r
-       }\r
-       \r
-       \r
-       @Override\r
-       public Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.doesCredentialMatch(trans, data.asObject());\r
-               } catch(APIException e) {\r
-                       trans.error().log(e,"Bad Input data");\r
-                       return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
-               } catch (IOException e) {\r
-                       trans.error().log(e,IN,DOES_CRED_MATCH);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }       \r
-       }\r
-\r
-\r
-       @Override\r
-       public Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth) {\r
-               TimeTaken tt = trans.start(VALIDATE_BASIC_AUTH, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Date> result = service.validateBasicAuth(trans,basicAuth);\r
-                       switch(result.status){\r
-                               case OK:\r
-                                       resp.getOutputStream().write(Chrono.utcStamp(result.value).getBytes());\r
-                                       return Result.ok();\r
-                       }\r
-                       return Result.err(result);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,VALIDATE_BASIC_AUTH);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getCertInfoByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id) {\r
-               TimeTaken tt = trans.start(GET_CERT_BY_ID, Env.SUB|Env.ALWAYS);\r
-               try {   \r
-                       Result<CERTS> rci = service.getCertInfoByID(trans,req,id);\r
-                       \r
-                       switch(rci.status) {\r
-                               case OK: \r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value);\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                               data.to(resp.getOutputStream());\r
-                                       } else {\r
-                                               certsDF.direct(trans, rci.value, resp.getOutputStream());\r
-                                       }\r
-                                       setContentType(resp,certsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rci);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_CERT_BY_ID);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       public static final String CREATE_DELEGATE = "createDelegate";\r
-       public static final String UPDATE_DELEGATE = "updateDelegate";\r
-       public static final String DELETE_DELEGATE = "deleteDelegate";\r
-       public static final String GET_DELEGATE_USER = "getDelegatesByUser";\r
-       public static final String GET_DELEGATE_DELG = "getDelegatesByDelegate";\r
-       \r
-       @Override\r
-       public Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
-               try {   \r
-                       Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.createDelegate(trans, data.asObject());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CREATE_DELEGATE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
-               try {   \r
-                       Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.updateDelegate(trans, data.asObject());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_DELEGATE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> deleteDelegate(AuthzTrans trans,  HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       return service.deleteDelegate(trans, data.asObject());\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_DELEGATE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {\r
-               TimeTaken tt = trans.start(DELETE_DELEGATE + ' ' + userName, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       return service.deleteDelegate(trans, userName);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_DELEGATE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getDelegatesByUser(AuthzTrans trans, String user, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(GET_DELEGATE_USER, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<DELGS> rd = service.getDelegatesByUser(trans, user);\r
-                       \r
-                       switch(rd.status) {\r
-                               case OK: \r
-                                       RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,delgDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rd);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_DELEGATE_USER);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> getDelegatesByDelegate(AuthzTrans trans, String delegate, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(GET_DELEGATE_DELG, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<DELGS> rd = service.getDelegatesByDelegate(trans, delegate);\r
-                       switch(rd.status) {\r
-                               case OK: \r
-                                       RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,delgDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rd);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_DELEGATE_DELG);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       private static final String REQUEST_USER_ROLE = "createUserRole";\r
-       private static final String GET_USERROLES = "getUserRoles";\r
-       private static final String GET_USERROLES_BY_ROLE = "getUserRolesByRole";\r
-       private static final String GET_USERROLES_BY_USER = "getUserRolesByUser";\r
-       private static final String SET_ROLES_FOR_USER = "setRolesForUser";\r
-       private static final String SET_USERS_FOR_ROLE = "setUsersForRole";\r
-       private static final String EXTEND_USER_ROLE = "extendUserRole";\r
-       private static final String DELETE_USER_ROLE = "deleteUserRole";\r
-       @Override\r
-       public Result<Void> requestUserRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(REQUEST_USER_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST request;\r
-                       try {\r
-                               Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-\r
-                               request = data.asObject();\r
-                       } catch(APIException e) {\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.createUserRole(trans,request);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,REQUEST_USER_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
-               TimeTaken tt = trans.start(GET_USERROLES + ' ' + user + '|' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<USERS> ru = service.getUserInRole(trans,user,role);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_USERROLES);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
-               TimeTaken tt = trans.start(GET_USERROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<USERROLES> ru = service.getUserRolesByUser(trans,user);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_USERROLES_BY_USER);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
-               TimeTaken tt = trans.start(GET_USERROLES_BY_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<USERROLES> ru = service.getUserRolesByRole(trans,role);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_USERROLES_BY_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-\r
-       }\r
-       \r
-\r
-       @Override\r
-       public Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
-               TimeTaken tt = trans.start(SET_USERS_FOR_ROLE, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.resetUsersForRole(trans, rreq);\r
-                       \r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,SET_USERS_FOR_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-               \r
-       }\r
-\r
-       @Override\r
-       public Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
-               TimeTaken tt = trans.start(SET_ROLES_FOR_USER, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       REQUEST rreq;\r
-                       try {\r
-                               RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
-                               if(Question.willSpecialLog(trans, trans.user())) {\r
-                                       Question.logEncryptTrace(trans,data.asString());\r
-                               }\r
-\r
-                               rreq = data.asObject();\r
-                       } catch(APIException e) {\r
-                               trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER);\r
-                               return Result.err(Status.ERR_BadData,"Invalid Input");\r
-                       }\r
-                       \r
-                       Result<Void> rp = service.resetRolesForUser(trans, rreq);\r
-                       \r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,SET_ROLES_FOR_USER);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-               \r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserRoleExpiration(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
-               TimeTaken tt = trans.start(EXTEND_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       return service.extendUserRole(trans,user,role);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,EXTEND_USER_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
-               TimeTaken tt = trans.start(DELETE_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<Void> rp = service.deleteUserRole(trans,user,role);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,DELETE_USER_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       private static final String UPDATE_APPROVAL = "updateApproval";\r
-       private static final String GET_APPROVALS_BY_USER = "getApprovalsByUser.";\r
-       private static final String GET_APPROVALS_BY_TICKET = "getApprovalsByTicket.";\r
-       private static final String GET_APPROVALS_BY_APPROVER = "getApprovalsByApprover.";\r
-       \r
-       @Override\r
-       public Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
-               TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream());\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       Result<Void> rp = service.updateApproval(trans, data.asObject());\r
-                       \r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       setContentType(resp,approvalDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,UPDATE_APPROVAL);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-       @Override\r
-       public Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
-               TimeTaken tt = trans.start(GET_APPROVALS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<APPROVALS> rp = service.getApprovalsByUser(trans, user);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-                                       data.to(resp.getOutputStream());\r
-                                       \r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_APPROVALS_BY_USER, user);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver) {\r
-               TimeTaken tt = trans.start(GET_APPROVALS_BY_APPROVER + ' ' + approver, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<APPROVALS> rp = service.getApprovalsByApprover(trans, approver);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_APPROVALS_BY_APPROVER,approver);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       @Override\r
-       public Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket) {\r
-               TimeTaken tt = trans.start(GET_APPROVALS_BY_TICKET, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<APPROVALS> rp = service.getApprovalsByTicket(trans, ticket);\r
-                       switch(rp.status) {\r
-                               case OK: \r
-                                       RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,permsDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rp);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_APPROVALS_BY_TICKET);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-\r
-       \r
-       public static final String GET_USERS_PERMISSION = "getUsersByPermission";\r
-       public static final String GET_USERS_ROLE = "getUsersByRole";\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
-               TimeTaken tt = trans.start(GET_USERS_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<USERS> ru = service.getUsersByRole(trans,role);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_USERS_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByPermission(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp, \r
-                       String type, String instance, String action) {\r
-               TimeTaken tt = trans.start(GET_USERS_PERMISSION + ' ' + type + ' ' + instance + ' ' +action, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<USERS> ru = service.getUsersByPermission(trans,type,instance,action);\r
-                       switch(ru.status) {\r
-                               case OK: \r
-                                       RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,usersDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(ru);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_USERS_PERMISSION);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       \r
-       public static final String GET_HISTORY_USER = "getHistoryByUser";\r
-       public static final String GET_HISTORY_ROLE = "getHistoryByRole";\r
-       public static final String GET_HISTORY_PERM = "getHistoryByPerm";\r
-       public static final String GET_HISTORY_NS = "getHistoryByNS";\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
-        */\r
-       @Override\r
-       public Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort) {\r
-               StringBuilder sb = new StringBuilder();\r
-               sb.append(GET_HISTORY_USER);\r
-               sb.append(' ');\r
-               sb.append(user);\r
-               sb.append(" for ");\r
-               boolean first = true;\r
-               for(int i : yyyymm) {\r
-                       if(first) {\r
-                           first = false;\r
-                       } else {\r
-                           sb.append(',');\r
-                       }\r
-                       sb.append(i);\r
-               }\r
-               TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
-\r
-               try {\r
-                       Result<HISTORY> rh = service.getHistoryByUser(trans,user,yyyymm,sort);\r
-                       switch(rh.status) {\r
-                               case OK: \r
-                                       RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,historyDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rh);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_HISTORY_USER);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
-        */\r
-       @Override\r
-       public Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort) {\r
-               StringBuilder sb = new StringBuilder();\r
-               sb.append(GET_HISTORY_ROLE);\r
-               sb.append(' ');\r
-               sb.append(role);\r
-               sb.append(" for ");\r
-               boolean first = true;\r
-               for(int i : yyyymm) {\r
-                       if(first) {\r
-                           first = false;\r
-                       } else {\r
-                           sb.append(',');\r
-                       }\r
-                       sb.append(i);\r
-               }\r
-               TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<HISTORY> rh = service.getHistoryByRole(trans,role,yyyymm,sort);\r
-                       switch(rh.status) {\r
-                               case OK: \r
-                                       RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,historyDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rh);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_HISTORY_ROLE);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
-        */\r
-       @Override\r
-       public Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort) {\r
-               StringBuilder sb = new StringBuilder();\r
-               sb.append(GET_HISTORY_NS);\r
-               sb.append(' ');\r
-               sb.append(ns);\r
-               sb.append(" for ");\r
-               boolean first = true;\r
-               for(int i : yyyymm) {\r
-                       if(first) {\r
-                           first = false;\r
-                       } else {\r
-                           sb.append(',');\r
-                       }\r
-                       sb.append(i);\r
-               }\r
-               TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<HISTORY> rh = service.getHistoryByNS(trans,ns,yyyymm,sort);\r
-                       switch(rh.status) {\r
-                               case OK: \r
-                                       RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,historyDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rh);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_HISTORY_NS);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByPerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
-        */\r
-       @Override\r
-       public Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort) {\r
-               StringBuilder sb = new StringBuilder();\r
-               sb.append(GET_HISTORY_PERM);\r
-               sb.append(' ');\r
-               sb.append(perm);\r
-               sb.append(" for ");\r
-               boolean first = true;\r
-               for(int i : yyyymm) {\r
-                       if(first) {\r
-                           first = false;\r
-                       } else {\r
-                           sb.append(',');\r
-                       }\r
-                       sb.append(i);\r
-               }\r
-               TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       Result<HISTORY> rh = service.getHistoryByPerm(trans,perm,yyyymm,sort);\r
-                       switch(rh.status) {\r
-                               case OK: \r
-                                       RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
-                                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                                               Question.logEncryptTrace(trans,data.asString());\r
-                                       }\r
-\r
-                                       data.to(resp.getOutputStream());\r
-                                       setContentType(resp,historyDF.getOutType());\r
-                                       return Result.ok();\r
-                               default:\r
-                                       return Result.err(rh);\r
-                       }\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,GET_HISTORY_PERM);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       public final static String CACHE_CLEAR = "cacheClear "; \r
-//     public final static String CACHE_VALIDATE = "validateCache";\r
-       \r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> cacheClear(AuthzTrans trans, String cname) {\r
-               TimeTaken tt = trans.start(CACHE_CLEAR + cname, Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       return service.cacheClear(trans,cname);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CACHE_CLEAR);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.Integer)\r
- */\r
-       @Override\r
-       public Result<Void> cacheClear(AuthzTrans trans, String cname,  String segments) {\r
-               TimeTaken tt = trans.start(CACHE_CLEAR + cname + ", segments[" + segments + ']', Env.SUB|Env.ALWAYS);\r
-               try {\r
-                       String[] segs = segments.split("\\s*,\\s*");\r
-                       int isegs[] = new int[segs.length];\r
-                       for(int i=0;i<segs.length;++i) {\r
-                               try {\r
-                                       isegs[i] = Integer.parseInt(segs[i]);\r
-                               } catch(NumberFormatException nfe) {\r
-                                       isegs[i] = -1;\r
-                               }\r
-                       }\r
-                       return service.cacheClear(trans,cname, isegs);\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,CACHE_CLEAR);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#dbReset(org.onap.aaf.authz.env.AuthzTrans)\r
-        */\r
-       @Override\r
-       public void dbReset(AuthzTrans trans) {\r
-               service.dbReset(trans);\r
-       }\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getAPI(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse)\r
-        */\r
-       public final static String API_REPORT = "apiReport";\r
-       @Override\r
-       public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {\r
-               TimeTaken tt = trans.start(API_REPORT, Env.SUB);\r
-               try {\r
-                       Api api = new Api();\r
-                       Api.Route ar;\r
-                       Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods();\r
-                       for(RouteReport rr : rservlet.routeReport()) {\r
-                               api.getRoute().add(ar = new Api.Route());\r
-                               ar.setMeth(rr.meth.name());\r
-                               ar.setPath(rr.path);\r
-                               ar.setDesc(rr.desc);\r
-                               ar.getContentType().addAll(rr.contextTypes);\r
-                               for(Method m : meths) {\r
-                                       ApiDoc ad;\r
-                                       if((ad = m.getAnnotation(ApiDoc.class))!=null &&\r
-                                                       rr.meth.equals(ad.method()) &&\r
-                                                   rr.path.equals(ad.path())) {\r
-                                               for(String param : ad.params()) {\r
-                                                       ar.getParam().add(param);\r
-                                               }\r
-                                               for(String text : ad.text()) {\r
-                                                       ar.getComments().add(text);\r
-                                               }\r
-                                               ar.setExpected(ad.expectedCode());\r
-                                               for(int ec : ad.errorCodes()) {\r
-                                                       ar.getExplicitErr().add(ec);\r
-                                               }\r
-                                       }\r
-                               }\r
-                       }\r
-                       RosettaData<Api> data = apiDF.newData(trans).load(api);\r
-                       if(Question.willSpecialLog(trans, trans.user())) {\r
-                               Question.logEncryptTrace(trans,data.asString());\r
-                       }\r
-\r
-                       data.to(resp.getOutputStream());\r
-                       setContentType(resp,apiDF.getOutType());\r
-                       return Result.ok();\r
-\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,API_REPORT);\r
-                       return Result.err(e);\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-       \r
-\r
-       public final static String API_EXAMPLE = "apiExample";\r
-\r
-       /* (non-Javadoc)\r
-        * @see org.onap.aaf.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
-        */\r
-       @Override\r
-       public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {\r
-               TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);\r
-               try {\r
-                       String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional); \r
-                       resp.getOutputStream().print(content);\r
-                       setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);\r
-                       return Result.ok();\r
-               } catch (Exception e) {\r
-                       trans.error().log(e,IN,API_EXAMPLE);\r
-                       return Result.err(Status.ERR_NotImplemented,e.getMessage());\r
-               } finally {\r
-                       tt.done();\r
-               }\r
-       }\r
-\r
-}\r